Bromium Insights Report is designed to help our customers become more aware of emerging threats and trends and to equip security teams with knowledge and tools to combat today’s attacks and anticipate evolving threats to manage their security posture.

This report from Bromium offers insights into notable threats and events from 2019.

This report presents data gathered between October–December 2018, along with previously collected data for historical comparisons. We examine which employees and organizational departments receive the most highly targeted email threats. Then we explore how they’re being attacked, analyzing attackers’ techniques and tools. Based on these findings, we recommend concrete steps organizations can take to build a defense that focuses on their people.

This paper, published in partnership with the UC Berkeley Center for Long-Term Cybersecurity, highlights research indicating that “underserved” residents in San Francisco, California— including low-income residents, seniors, and foreign language speakers—face higher-than average risks of being victims of cyber attacks. They are less likely to know whether they have even been victimized by a cyber attack, and they have lower awareness of cybersecurity risks. Partly as a result, they are less likely to access online services. This cybersecurity gap is a new “digital divide” that needs to be addressed—with urgency—by the public and private sectors alike.

This unique report takes a hard look at scams that focus on tax reporting and the filing of taxes.

This white paper will guide security teams as they reexamine their approach to cloud-based email.

This report offers information on Mobile Phishing from data researched in 2018.

Using information from Rapid7’s Project Sonar internet telemetry service, this report reviews several dimensions of demonstrated security controls for companies in the S&P 200 and ASX (Australian) stock indices.

This report shares findings from a survey conducted of more than 3,100 IT, security and other non-technical professionals. It explores their learning habits, levels of personal and organizational preparedness, and factors that improve their confidence and defensive capabilities. If the key findings below resonate with challenges facing your organization, then you will definitely want to add this to the top of your reading list.

Phishing domains pose a significant cyber risk for major airlines. Learn how many phishing domains for major airlines there are and how to find them.

From The Report, “What you’re reading are insights culled from a year of security data analysis and hands-on lessons learned. Data analyzed includes the 6.5 trillion threat signals that go through the Microsoft cloud every day and the research and realworld experiences from our thousands of security researchers and responders around the world. In 2018, attackers used a variety of dirty tricks, both new (coin mining) and old (phishing), in their ongoing quest to steal data and resources from customers and organizations. Hybrid attacks, like the Ursnif campaign, blended social and technical approaches. As defenders got smarter against ransomware, a loud and disruptive form of attack, criminals pivoted to the more “stealth”, but still profitable, coin-miners.”

From the report, “It should be another momentous year for mobile security, with cyber attacks growing rapidly in sophistication and distribution. This report will cover the key mobile security trends that emerged last year as well as summarize thoughts for the mobile threat landscape for the year ahead.”

From the report, “Let’s face it: senior leaders at organizations across the globe are already pressed for their time and attention. Today’s changing threat landscape requires executives and managers to fundamentally rethink their approach when it comes to addressing and mitigating cyber-risk. With the growth in cloud, mobile, and IoT, combined with employee and supply chain access to critical data and intellectual property, security and privacy awareness is now front and center for executives in the fight against cyberthreats. Yet finding the time for executives to effectively educate themselves in order to prevent cyberthreats continues to be a challenge. Take a look [in the report and discover] how executives and managers across various industries compared to the general population in terms of their knowledge of cybersecurity and data privacy best practices.”

To better understand what government employees know (and don’t know) about data privacy and cybersecurity awareness, we surveyed 1,016 U.S.- based employees who work for local, state, and federal government entities. We then compared the results against a broader sample of employed U.S. adults that took the same survey, the results of which we featured in our 2017 State of Privacy and Security Awareness report.

This report takes a look at many of the cyber security events that took place in 2017 and discusses what they could mean for 2018.

From the report, “Our State of Privacy and Security Awareness Report is back for a third year in a row, having originally been launched in 2016 due to the need to gain a better understanding of the cybersecurity knowledge of today’s workforce. Fast forward to 2018, and the need for such a resource has never been more important. Human-caused data breaches are still making headlines, and phishy emails are still letting the bad guys in. Increasingly popular cloud-storage tools are making it easier than ever to put sensitive data at risk, IOT devices are providing new inroads for the bad guys, and new breeds of malware continue to evolve on a daily basis. One thing connects these threats: the role that employees play in keeping their organizations secure. So, without further ado, we’re pleased to announce the results of the 2018 State of Privacy and Security Awareness Report.”

From the report, “Each marketplace has to approve each game being sold, which gives your company credibility. Consumers also have the ability to rate the games with reviews in order to warn others about a game or a developer. Adding the consumer reviews is a layer of credibility for your game, as long as the reviews are positive. Being able to sell games directly online is great for merchants, but also opens them up to the possibility of fraud and chargebacks.” Read on to find out more.

This whitepaper is intended to help firms understand how security automation can accelerate analyst response time to incoming phishing alerts and minimize the impact of these malicious attacks on their environment.

From the report, “To understand current levels of exposure and resiliency, Rapid7 Labs measured 4532 of the 2017 Fortune 500 List3 for: • Overall attack surface (the number of exposed servers/devices); • Presence of dangerous or insecure services; • Phishing defense posture; • Evidence of system compromise; • Weak public service and metadata configurations; and • Joint third-party website dependency risks.” Read on to find out more.

“The people, not just tools, are the key to enterprise cyber security. It’s time to devise an actionable plan to make sure every member of your organization is cyber-ready. In this guide, we will present a basic framework for optimizing the types, frequency and costs of security simulation training for the entire enterprise.”

This helpful guide provides insight into the settings you should maintain on all of the major social networks. Read on to learn more.